I have installed (one instance of API Manager in a server) and created an API for internal consumption only in my organization. Now there is a requirement to expose another new API for external users only.
Can I do this using this same installation? or should I go for distributed architecture?
I would like to have the same domain name of the proxy url which I expose to consumers with different context paths for different API's. Can this be achieved?
You can set role-based visibility for APIs in the API Store when you create an API at the API Publisher. See this for details.
You can restrict API access with the help of OAuth Scopes. Scopes can be mapped to roles. So you can have role-based access control for your APIs. See this for details.